Also see: https://fedorahosted.org/389/ticket/365
This is will be included in a future release.
Mark
On 05/18/2012 02:13 PM, Alberto Viana wrote:
I have a 389 DS server replication agreement whith an AD Server and
when I change the password in the windows side it replicates into 389
but via 389 console I can see this field "unhashed#user#password" in
clear text.
How can I encrypt this field? Is it possible?
I tried the following configuration:
Source:
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Configuring_Directory_Databases-Creating_and_Maintaining_Databases.html#Creating_and_Maintaining_Databases-Database_Encryption
dn: cn=unhashed#user#password,cn=encrypted
attributes,cn=userRoot,cn=ldbm data
base,cn=plugins,cn=config
objectClass: top
objectClass: nsAttributeEncryption
cn: unhashed#user#password
nsEncryptionAlgorithm: AES
If I restart my server the field is gone.
The fact is that I need to avoid my admin to see the userĀ“s password.
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
